Deleting Trusted Certificates and Private Keys From the Package
Keystore

The pkgadm command can be used to delete trusted certificates and private
keys from the package keystore.

When you delete user certificates, the alias of the certificate/key
pair must be specified. For example:

$ pkgadm removecert -n myname

The alias of the certificate is the common name of the certificate,
which can be identified using the pkgadm listcert command.
For example, this command deletes a trusted certificate entitled Trusted CA Cert 1:

$ pkgadm removecert -n "Trusted CA Cert 1"

Note –

If you have both a trusted certificate and a user certificate
stored using the same alias, they are both deleted when you specify the -n option.